Lawrie's WR703N Notes

[Initial Installation] [More Functionality] [Upgrade/Rebuild] [Added Packages] [Using TP-Link Firmware] [Useful Links]

Just a few notes on how I modify & reconfigure TP-Link WR703N's to run OpenWRT as a home server/node. These are a really tiny, ultra-cheap (~$25), Chinese "3G travel router", using an Atheros AR7240 400MHz ARM CPU with just 4Mb flash & 32Mb RAM. They come with chinese firmware that needs to be replaced with a suitable english alternative. For general server use, I reflash them with the OpenWRT linux variant designed for small device use, and use an 8Gb USB drive as extroot, as I believe this is the most flexible and configurable alternative. There is also a version of the TP-Link firmware, written for the close cousin (and slightly more expensive) MR3020 (which is available from Australian suppliers, and likely a good choice if you actually want its default functionality).

Tips on Initial Installation

• first step is to purchase one of these beastie's, just look on eBay, currently available for <A$25 from china or hong kong. They are also available from some online Australian suppliers (for likely a little more). You should also get a low-profile 4-8GB USB drive (I'm using a Sandisk Cruzer Fit) to use as a much larger external file system.
• once have items, must first replace chinese firmware with OpenWRT, see refs [1], [4], [5].
• nb. contrary to statements in [1], [5] the current OpenWRT Release "Attitude Adjustment" from Apr 2013 [3] *IS* compatible with the device, and is what I am using on my devices
• for initial upgrade must use the factory version of s/w: openwrt-ar71xx-generic-tl-wr703n-v1-squashfs-factory.bin
• connect the wr703n directly to your config host (eg. linux laptop) following instructions [1], [4], [5] to access it and do the firmware upgrade. In brief, this means booting the device whilst connected to a standalone system on network 192.168.1/24, login with password admin, and select the system upgrade option, as shown in this figure.
• once rebooted into OpenWRT do initial net & system config so device can be placed on your home LAN (likely with fixed IP). You can either use the ssh command-line, or the Luci web management interface for this.
• reboot and attach to home LAN
• using linux system partition & format USB drive as mostly ext4 data plus a smallish linux swap partition (suggest 128-256MB quite enough given 32Mb RAM)
• then install necessary USB storage & ext4 support modules and configure for extroot use, see refs [7], [8], [9]. Note I struggled with the extroot config given the variant suggestions, and finally mostly followed [9]; except I didn't need to remove any packages, and used tar to copy the root filesystem to the USB drive. The key steps, after installing and configuring fstab to support USB ext4 filesystems, and with the is_rootfs=1 option set, are:

  mount /dev/sda1 /mnt
  mkdir /tmp/root
  mount -o bind / /tmp/root
  tar -C /tmp/root -cvf - . | tar -C /mnt -xf -
  reboot
  

• after reboot you should have a system with a reasonable amount of storage to install further modules and to play with
• and if things go "pear-shaped" during the initial build (likely due to overflowing the internal flash) note the instructions on using the "reset button" to access the "Failsafe mode" and the link to the "generic failsafe instructions" in [1]

• you now want to install & configure modules as needed for desired function
• ref the OpenWRT HowTos for guidance as to modules & config needed [10], also some suggestions in [6]
• DO keep a list of modules installed, as you'll need this on upgrade
• the Luci web interface (should be installed with uhttpd webserver & lua scripting language by default) provides a quite nice interface for standard queries & config, just enable & start uhttpd, see [11].
• I strongly recommend that you don't leave Luci on the standard web port - suggest moving to another port (eg. 800), and indeed configuring another web instance on another port (be it 80 or 8080 etc) for general web serving, that you may want to port forward to through your LAN gateway
• Likewise if you are going to expose the SSH port externally, I suggest you use a non-standard external port, configure SSH public key authentication for root, and disable root password login (though make *very* sure the public key login works first, or you'll be in trouble!) This is because there is continuous extensive scanning of SSH ports for weak passwords on known logins (like root), and you just don't want this load on the box!
• You may want to spend some time reviewing and thinking about your network interface/firewall configuration (which initially I found very confusing). Specifically note the distinction between logical firewall zones (that define different trust regions for the firewall rules - by default you have a trusted inside "lan" and untrusted natted outside "wan"); and physical network interfaces that your assign IP config to and allocate to a firewall zone. I now have 3 "generic" configs in use: static local ethernet for plugged into home LAN; access point that clients can connect to which connects via ethernet with DHCP for wan; and local client that connects to the local net wirelessly (with nat for ethernet clients). If you want to configure your device as a WiFi access point, you likely want to add a third logical "WiFi" zone and suitable rules for traffic relay between this and likely existing wan zone, similar to lan-wan rules.
• I also enabled cron, and wrote some simple scripts to generate a small backup of config & user files using the sysupgrade backup option (this comes in useful when upgrading later)
• I also installed SMB mount support so I could access my NAS (TimeCapsule). nb. SMB mounts don't seem to work out of fstab, I wrote a separate script to start/stop these late in sequence; also access Apple device with SMB requires specifying extra option: sec=ntlm
• and note that if you get into trouble whilst adding/configuring assorted extensions, all these changes are now being made on the USB extroot; you can alway reboot the system sans USB drive, and will be back to your original, minimal pre-extroot (you *did* make sure that was working didn't you!) configuration - you can plug the USB drive back in after booting, where it will now just be a normal mount (likely on /mnt) where you can fiddle/reset files to hopefully restore things.

• once have a working OpenWRT installation can use sysupgrade to upgrade the system
• download a sysupgrade image from desired release or snapshot: openwrt-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
• make sure have a suitable backup on the extroot system with all configs and user files (not libraries or binaries), can use sysupgrade backup option
• reboot system sans USB drive so have just basic internal flash
• make sure /etc/sysupgrade.conf has needed basic config items (such as net & USB extroot configs)
• copy upgrade image to tmp and upgrade with: sysupgrade -v /tmp/openwrt-ar71xx-generic-tl-wr703n-v1-squashfs-sysupgrade.bin
• reformat extroot partition on USB drive since need to reload all packages
• reinstall usb storage packages & config extroot
• insert USB drive so mounts and restore extroot saved config & user areas from backup, then reboot so running with extroot
• now using extroot, reinstall assorted desired packages

The process for adding modules using opkg is to first import the package list (needed after every reboot, since stored in volatile /var), and to then install the desired packages:

opkg update
opkg install list of packages to install

On my systems, I've generally chosen to add some of the following:

USB storage/ext4 (required for extroot support, on internal flash)

kmod-usb-storage block-mount kmod-fs-ext4

FAT filesystem support (assumes block-mount already added)

kmod-fs-vfat kmod-nls-cp437 kmod-nls-iso8859-1

SMB filesystem support (assumes block-mount already added)

kmod-fs-cifs cifsmount

common utilities

diffutils less nano sudo vim

PHP5 (+ key modules for pmwiki use) for web cgi

php5 php5-cgi php5-mod-session php5-mod-xml zoneinfo-core zoneinfo-australia-nz

nb. ensure have set doc_root to nothing in /etc/php.ini

nb. for security make /usr/bin/php-cgi setuid www.www (or any non-root user you have added to system)

extra lua modules

luaposix

audio support (see [13])

kmod-sound-core alsa-lib libsndfile pulseaudio-daemon mpd mpc

usb webcam support (see [14])

kmod-video-uvc mjpg-streamer

• if you want the original "travel router" functionality of this device, and especially if you want to use a "mobile broadband" 3G/4G connection, then you are likely best off using the official TP-Link MR3020 firmware.
• you can just buy a MR3020 with this firmware already installed
• or you can reflash your WR703N with it instead of with OpenWRT. For this, I used the instructions (and firmware copy) from [15]
• the official TP-Link firmware is found at [16]

1. OpenWRT TP-Link WR703N page - wiki.openwrt.org/toh/tp-link/tl-wr703n
2. OpenWRT Documentation - wiki.openwrt.org/doc/start
3. Attitude Adjustment v12.09 Trunk Release - downloads.openwrt.org/attitude_adjustment/12.09/
4. Silicon Chip Nov 2012 article on WR703N - www.siliconchip.com.au/Issue/2012/November/Hacking+A+Mini+Wireless+Webserver,+Pt.1
5. How to flash TP-Link WR703N with OpenWrt - mikavac.net/2012/06/03/how-to-flash-tp-link-wr703n-with-openwrt/
6. TP-Link WR703N OpenWrt post installation tips - cmikavac.net/2012/06/03/tp-link-wr703n-openwrt-post-installation-tips
7. OpenWRT USB Storage HowTo - wiki.openwrt.org/doc/howto/usb.storage
8. OpenWRT Extroot HowTo - wiki.openwrt.org/doc/howto/extroot
9. Ben Brown Extroot Blog - blog.ralim.id.au/2013/02/tl-wr703n-extroot-openwrt
10. OpenWRT HowTos - wiki.openwrt.org/doc/howto/start
11. OpenWRT uhttpd - wiki.openwrt.org/doc/uci/uhttpd
12. OpenWRT Sysupgrade doc - wiki.openwrt.org/doc/howto/generic.sysupgrade
13. OpenWRT USB Audio - http://wiki.openwrt.org/doc/howto/usb.audio
14. OpenWRT USB Video - http://wiki.openwrt.org/doc/howto/usb.video
15. Howto TP-LINK TL-WR703N / Install TP-LINK software from GUI
16. TP-Link Firmware Downloads